On June 5, we reported on a take down of Citadel botnet networks by Microsoft‘s Digital Crime Unit and the FBI, among other unspecified “technology industry partners.” The assault had resulted in 1400 Citadel botnet networks being taken down, and now Microsoft has revealed the number of computers liberated as a result: at least 2 million.
The information comes from Microsoft Digital Crime Unit’s Assistant General Counsel Richard Domingues Boscovich in an interview earlier this evening. Said Boscovich, “We definitely have liberated at least 2 million PCs globally. That is a conservative estimate. We feel confident that we really got most of the ones that we were after. It was a very, very successful disruptive action.”
Among the PCs liberated, the majority were located in the US, Hong Kong, and throughout Europe. The take down process worked by severing the Citadel networks from the infected machines, with a total of 1,400 networks being successfully pulled. Those responsible for leading the networks, however, one of which is known as “Aquabox”, were not captured, and have not been identified.
Law enforcement in 80+ countries worked with the FBI and Microsoft during the process, and are said to be working towards identifying those who are running the networks. Aquabox is the head of the operation, and thus far it is suspected he or she is located in Eastern Europe. Likewise, Microsoft is working with overseas industry partners in an effort to identify how many of these botnets are still being run.
The networks were being run via data centers said to be located in different places across the globe, and used infected machines to target financial institutions. The operations have resulted in at least $500 million being stolen from banks. The targets are both big and small, ranging from the big-name institutions like Bank of America to small, local credit unions.